Jump to:

10929 Posts in 2613 Topics by 1809 members

All other Modules

SilverStripe Forums » All other Modules » Newsletter Module, security concern unsubscription link

Discuss all other Modules here.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Page: 1
Go to End
Author Topic: 804 Views
  • TF-35Lightning
    Avatar
    Community Member
    137 Posts

    Newsletter Module, security concern unsubscription link Link to this post

    Hi all I have just got the Newsletter module running for the first time and have noticed that I can simply unsubscribe any email address that I desire (if I guess the correct email) via the link

    http://localhost/silverstripe/silverstripe-v2.4.0/unsubscribe/index/myemail@gmail.com/1

    (I put in the email address I guess)
    etc.

    I presume it is up to us to come up with some kind of unique identifier to check an id and an email address against each other to help secure the unsubscription, or is that built into it somewhere or?

    There's not much point in having the Newsletter module if people can unsubscribe each other so easily etc.

    Any help would be great

    804 Views
Page: 1
Go to Top

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.